According to various sources, such as Snowden's "Permanent Record", the tor network was designed to allow spies in remote locations to communicate securely with a known endpoint (such as CIA headquarters) without anyone being able to easily trace their exact location. The content of the communication itself would not be readable due to strong encryption, but the metadata (source and destination headers) could reveal who was talking to who.
However, nation-states with enough backdoors to all the servers serving as tor jumpboxes could likely deanonymize the remote user (it's assumed they'd be watching all traffic going to and from the known endpoint, which in Snowden's case was a journalist's email server).
Snowden's method IIRC was to acquire a laptop or phone without leaving any identifying marks (ownership information), then drive around until he found an open wireless network which he could log onto, then he'd use that network over tor to connect to the journalists he was talking to. The device was used for no other purpose, never turned on and connected to his home network, etc.
There doesn't seem to be any way for two anonymous parties to find and connect with each other across tor in this manner however, without having some other side channel to coordinate time and place and exchange identifying information.
You can still hide the content of communication using PGP-style strong encryption, but even then, it's likely that keys could be compromised in some manner.
CIA likely hidden in plain sight so you wouldn't figure out their Tor node. Likely hosted in some DC rest of USA also uses, for example a colo or dedicated at Rackspace.
As for Snowden you just described a burner however he would still need to find or know that open WiFi hotspot.
However, nation-states with enough backdoors to all the servers serving as tor jumpboxes could likely deanonymize the remote user (it's assumed they'd be watching all traffic going to and from the known endpoint, which in Snowden's case was a journalist's email server).
Snowden's method IIRC was to acquire a laptop or phone without leaving any identifying marks (ownership information), then drive around until he found an open wireless network which he could log onto, then he'd use that network over tor to connect to the journalists he was talking to. The device was used for no other purpose, never turned on and connected to his home network, etc.
There doesn't seem to be any way for two anonymous parties to find and connect with each other across tor in this manner however, without having some other side channel to coordinate time and place and exchange identifying information.
You can still hide the content of communication using PGP-style strong encryption, but even then, it's likely that keys could be compromised in some manner.